
Fixed fatal error. Commit unit tests

commit 81cbbef5476e65295e5f7605e1a4d2106ec0fc46 1 parent ad54ba9
@fightmaster fightmaster authored
1  .gitignore
@@ -0,0 +1 @@
+vendor/symfony
2  Security/Authentication/Provider/Provider.php
@@ -55,7 +55,7 @@ protected function validateDigest($digest, $nonce, $created, $secret)
}
//validate secret
- $expected = base64_encode(sha1(base64_decode($nonce).$created.$secret), true));
+ $expected = base64_encode(sha1(base64_decode($nonce).$created.$secret, true));
return $digest === $expected;
}
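Review bot: The digest check `return $digest === $expected;` directly under the corrected line compares a client-supplied value with the expected digest using an ordinary string comparison, which is not constant-time. Where the supported PHP version provides it, `return hash_equals($expected, (string) $digest);` avoids leaking how much of the digest matched. `base64_decode($nonce)` is also called in non-strict mode, so a malformed nonce is silently decoded rather than rejected; `base64_decode($nonce, true)` with a check for `false` would close that. The body of validateDigest starts above this hunk, so the lifetime and nonce-store checks cannot be reviewed from here.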
230 Tests/Security/Authentication/Provider/ProviderTest.php
@@ -0,0 +1,230 @@
+<?php
+/**
+ * @author Dmitry Petrov <dmitry.petrov@opensoftdev.ru>
+ */
+namespace Escape\WSSEAuthenticationBundle\Tests\Security\Authentication\Provider;
+
+use Escape\WSSEAuthenticationBundle\Security\Authentication\Provider\Provider;
+use Escape\WSSEAuthenticationBundle\Security\Authentication\Token\Token;
+
+class ProviderTestSimple extends Provider
+{
+ public function validateDigest($digest, $nonce, $created, $secret)
+ {
+ return parent::validateDigest($digest, $nonce, $created, $secret);
+ }
+}
+
+/**
+ * @author Dmitry Petrov <dmitry.petrov@opensoftdev.ru>
+ */
+class ProviderTest extends \PHPUnit_Framework_TestCase
+{
+ private $userProvider;
+
+ private static $nonceDir;
+
+ public static function setUpBeforeClass()
+ {
+ parent::setUpBeforeClass();
+ static::$nonceDir = __DIR__ . '/../../../nonceDir/';
+ }
+
+ private function clearDir()
+ {
+ $handle = opendir(static::$nonceDir);
+ while ($tmp = readdir($handle)) {
+ if($tmp != '..' && $tmp != '.' && $tmp != '') {
+ unlink(static::$nonceDir . $tmp);
+ }
+ }
+
+
+ }
+ protected function setUp()
+ {
+ $this->userProvider = $this->getMock('Symfony\Component\Security\Core\User\UserProviderInterface');
+ $this->clearDir();
+ }
+
+ /**
+ * @test
+ * @dataProvider providerSupports
+ * @param $token
+ * @param $expected
+ */
+ public function supports($token, $expected)
+ {
+ $provider = new Provider($this->userProvider);
+ $this->assertEquals($expected, $provider->supports($token));
+ }
+
+ public function providerSupports()
+ {
+ return array(
+ array(new Token(), true),
+ array($this->getMock('Symfony\Component\Security\Core\Authentication\Token\TokenInterface'), false)
+ );
+ }
+
+ /**
+ * @test
+ *
+ * @param $digest
+ * @param $nonce
+ * @param $created
+ * @param $secret
+ */
+ public function validateDigestExpireTime()
+ {
+ $provider = new ProviderTestSimple($this->userProvider);
+ $result = $provider->validateDigest(null, null, '2000-10-10 12:00:00', null);
+ $this->assertFalse($result);
+ }
+
+ /**
+ * @test
+ * @dataProvider providerValidateDigest
+ * @param $digest
+ * @param $nonce
+ * @param $created
+ * @param $secret
+ */
+ public function validateDigestWithoutNonceDir($digest, $nonce, $created, $secret, $expected)
+ {
+ $provider = new ProviderTestSimple($this->userProvider);
+ $result = $provider->validateDigest($digest, $nonce, $created, $secret);
+ $this->assertEquals($expected, $result);
+ }
+
+ public function providerValidateDigest()
+ {
+ $time = date('Y-m-d H:i:s');
+ $digest = base64_encode(sha1(base64_decode(base64_encode('test')).$time.'test', true));
+ return array(
+ array($digest, base64_encode('test'), $time, 'test', true),
+ array($digest, base64_encode('test'), $time, 'test1', false),
+ array($digest, base64_encode('test'), $time+4, 'test', false),
+ array($digest, base64_encode('test2'), $time, 'test', false),
+ array($digest. '9', base64_encode('test'), $time, 'test', false),
+ );
+ }
+
+ /**
+ * @test
+ * @dataProvider providerValidateDigest
+ * @param $digest
+ * @param $nonce
+ * @param $created
+ * @param $secret
+ */
+ public function validateDigestWithNonceDir($digest, $nonce, $created, $secret, $expected)
+ {
+ $provider = new ProviderTestSimple($this->userProvider, __DIR__ . '/../../../nonceDir');
+ $result = $provider->validateDigest($digest, $nonce, $created, $secret);
+ $this->assertEquals($expected, $result);
+
+ $this->assertFileExists(static::$nonceDir . $nonce);
+
+ $result = $provider->validateDigest($digest, $nonce, $created, $secret);
+ $this->assertEquals($expected, $result);
+
+ unlink(static::$nonceDir . $nonce);
+ /*//expire timestamp after specified lifetime
+ if(time() - strtotime($created) > $this->lifetime)
+ return false;
+
+ if($this->nonceDir)
+ {
+ //validate nonce is unique within specified lifetime
+ if(file_exists($this->nonceDir.'/'.$nonce) && file_get_contents($this->nonceDir.'/'.$nonce) + $this->lifetime < time())
+ throw new NonceExpiredException('Previously used nonce detected');
+
+ file_put_contents($this->nonceDir.'/'.$nonce, time());
+ }
+
+ //validate secret
+ $expected = base64_encode(sha1(base64_decode($nonce).$created.$secret), true);
+
+ return $digest === $expected;*/
+ }
+
+ /**
+ * @test
+ * @dataProvider providerValidateDigest
+ * @expectedException \Symfony\Component\Security\Core\Exception\NonceExpiredException
+ * @param $digest
+ * @param $nonce
+ * @param $created
+ * @param $secret
+ */
+ public function validateDigestWithNonceDirExpectedException($digest, $nonce, $created, $secret, $expected)
+ {
+ $provider = new ProviderTestSimple($this->userProvider, __DIR__ . '/../../../nonceDir');
+ file_put_contents(static::$nonceDir . $nonce, time() - 60000);
+
+ $provider->validateDigest($digest, $nonce, $created, $secret);
+
+ unlink(static::$nonceDir . $nonce);
+ }
+
+ /**
+ * @test
+ *
+ * @depends validateDigestWithNonceDirExpectedException
+ * @depends validateDigestWithNonceDir
+ * @depends validateDigestWithoutNonceDir
+ * @depends validateDigestExpireTime
+ * @expectedException \Symfony\Component\Security\Core\Exception\AuthenticationException
+ */
+ public function authenticateExpectedException()
+ {
+ $provider = new ProviderTestSimple($this->userProvider);
+ $provider->authenticate(new Token());
+ /*$user = $this->userProvider->loadUserByUsername($token->getUsername());
+
+ if($user && $this->validateDigest($token->digest, $token->nonce, $token->created, $user->getPassword()))
+ {
+ $authenticatedToken = new Token($user->getRoles());
+ $authenticatedToken->setUser($user);
+ $authenticatedToken->setAuthenticated(true);
+
+ return $authenticatedToken;
+ }
+
+ throw new AuthenticationException('WSSE authentication failed.');*/
+ }
+
+ /**
+ * @test
+ * @depends validateDigestWithNonceDirExpectedException
+ * @depends validateDigestWithNonceDir
+ * @depends validateDigestWithoutNonceDir
+ * @depends validateDigestExpireTime
+ */
+ public function authenticate()
+ {
+ $user = $this->getMock('Symfony\Component\Security\Core\User\UserInterface');
+ $user->expects($this->once())->method('getPassword')->will($this->returnValue('test'));
+ $user->expects($this->once())->method('getRoles')->will($this->returnValue(array()));
+ $this->userProvider->expects($this->once())->method('loadUserByUsername')->will($this->returnValue($user));
+
+ $expected = new Token();
+ $expected->setUser($user);
+ $expected->setAuthenticated(true);
+
+
+ $time = date('Y-m-d H:i:s');
+ $digest = base64_encode(sha1(base64_decode(base64_encode('test')).$time.'test', true));
+ //$digest, base64_encode('test'), $time, 'test', true),
+ $token = new Token();
+ $token->digest = $digest;
+ $token->nonce = base64_encode('test');
+ $token->created = $time;
+
+ $provider = new ProviderTestSimple($this->userProvider);
+ $result = $provider->authenticate($token);
+
+ $this->assertEquals($expected, $result);
+ }
+}
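Review bot: In validateDigestWithNonceDir the second `validateDigest` call repeats the same digest, nonce and timestamp and is asserted to return `$expected` again, so for the valid data row the test pins that a replayed token is accepted. The commented-out copy of the provider logic pasted below it hints at the cause: the nonce check throws only when the stored timestamp plus lifetime is `< time()`, i.e. for stale records, which looks inverted for replay protection if Provider.php really reads that way. I would make the second call expect `NonceExpiredException` for the valid row and delete both pasted comment blocks, whose digest line matches neither the old nor the fixed line in Provider.php. The same copy shows the client-supplied `$nonce` used directly as a file name under the nonce directory, so the provider should restrict it to a safe alphabet or store a hash of it, with a test covering that. Separately, `$time+4` in providerValidateDigest adds an integer to a formatted date string and probably does not produce the shifted timestamp the row intends.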
30 Tests/Security/Authentication/Token/TokenTest.php
@@ -0,0 +1,30 @@
+<?php
+/**
+ * @author Dmitry Petrov <dmitry.petrov@opensoftdev.ru>
+ */
+namespace Escape\WSSEAuthenticationBundle\Tests\Security\Authentication\Token;
+
+use Escape\WSSEAuthenticationBundle\Security\Authentication\Token\Token;
+
+/**
+ * @author Dmitry Petrov <dmitry.petrov@opensoftdev.ru>
+ */
+class TokenTest extends \PHPUnit_Framework_TestCase
+{
+ /**
+ * @test
+ */
+ public function getCredentials()
+ {
+ $token = new Token();
+ $this->assertEquals('', $token->getCredentials());
+ }
+
+ public function testIssetPublicVariables()
+ {
+ $token = new Token();
+ $this->assertClassHasAttribute('created', get_class($token));
+ $this->assertClassHasAttribute('digest', get_class($token));
+ $this->assertClassHasAttribute('nonce', get_class($token));
+ }
+}
63 Tests/Security/Factory/FactoryTest.php
@@ -0,0 +1,63 @@
+<?php
+/**
+ * @author Dmitry Petrov <dmitry.petrov@opensoftdev.ru>
+ */
+namespace Escape\WSSEAuthenticationBundle\Tests\Security\Factory;
+
+use Escape\WSSEAuthenticationBundle\Security\Factory\Factory;
+use Symfony\Component\DependencyInjection\ContainerBuilder;
+use Symfony\Component\DependencyInjection\Reference;
+
+/**
+ * @author Dmitry Petrov <dmitry.petrov@opensoftdev.ru>
+ */
+class FactoryTest extends \PHPUnit_Framework_TestCase
+{
+ /**
+ * @test
+ */
+ public function getPosition()
+ {
+ $factory = new Factory();
+ $result = $factory->getPosition();
+ $this->assertEquals('pre_auth', $result);
+ }
+
+ /**
+ * @test
+ */
+ public function getKey()
+ {
+ $factory = new Factory();
+ $result = $factory->getKey();
+ $this->assertEquals('wsse', $result);
+ $this->assertEquals('wsse', $this->getFactory()->getKey());
+ }
+
+ protected function getFactory()
+ {
+ return $this->getMockForAbstractClass('Escape\WSSEAuthenticationBundle\Security\Factory\Factory', array());
+ }
+
+ public function testCreate()
+ {
+ $factory = $this->getFactory();
+
+ $container = new ContainerBuilder();
+ $container->register('wsse.security.authentication.provider');
+
+ list($authProviderId,
+ $listenerId,
+ $entryPointId
+ ) = $factory->create($container, 'foo', array('nonce_dir' => 'nonce', 'lifetime' => 300), 'user_provider', 'entry_point');
+
+ // auth provider
+ $this->assertEquals('security.authentication.provider.wsse.foo', $authProviderId);
+ $this->assertEquals('security.authentication.listener.wsse.foo', $listenerId);
+ $this->assertEquals('entry_point', $entryPointId);
+ $this->assertTrue($container->hasDefinition('security.authentication.listener.wsse.foo'));
+ $definition = $container->getDefinition('security.authentication.provider.wsse.foo');
+ $this->assertEquals(array('index_0' => new Reference('user_provider'), 'index_1' => 'nonce', 'index_2' => 300), $definition->getArguments());
+ $this->assertTrue($container->hasDefinition('security.authentication.provider.wsse.foo'));
+ }
+}
101 Tests/Security/Firewall/ListenerTest.php
@@ -0,0 +1,101 @@
+<?php
+
+namespace Escape\WSSEAuthenticationBundle\Tests\Security\Firewall;
+
+use Escape\WSSEAuthenticationBundle\Security\Firewall\Listener;
+use Symfony\Component\HttpFoundation\Response;
+use Escape\WSSEAuthenticationBundle\Security\Authentication\Token\Token;
+
+class ListenerTest extends \PHPUnit_Framework_TestCase
+{
+ /**
+ * @var \PHPUnit_Framework_MockObject_MockObject $responseEvent
+ */
+ private $responseEvent;
+
+ /**
+ * @var \PHPUnit_Framework_MockObject_MockObject
+ */
+ private $request;
+
+ /**
+ * @var \PHPUnit_Framework_MockObject_MockObject
+ */
+ private $securityContext;
+
+ /**
+ * @var \PHPUnit_Framework_MockObject_MockObject
+ */
+ private $authenticationManager;
+
+ protected function setUp()
+ {
+ $this->responseEvent = $this->getMockBuilder('\Symfony\Component\HttpKernel\Event\GetResponseEvent')->disableOriginalConstructor()->getMock();
+ $this->request = $this->getMockForAbstractClass('Symfony\Component\HttpFoundation\Request');
+ $this->responseEvent->expects($this->once())->method('getRequest')->will($this->returnValue($this->request));
+ $this->securityContext = $this->getMock('\Symfony\Component\Security\Core\SecurityContextInterface');
+ $this->authenticationManager = $this->getMock('\Symfony\Component\Security\Core\Authentication\AuthenticationManagerInterface');
+ }
+
+ /**
+ * @test
+ */
+ public function handleUnauthorized()
+ {
+ $listener = new Listener($this->securityContext, $this->authenticationManager);
+ $response = new Response();
+ $response->setStatusCode(401);//unauthorized
+ $this->responseEvent->expects($this->once())->method('setResponse')->with($response);
+ $result = $listener->handle($this->responseEvent);
+ }
+
+ /**
+ * @test
+ */
+ public function handleForbidden()
+ {
+ $listener = new Listener($this->securityContext, $this->authenticationManager);
+ $this->request->headers->add(array('X-WSSE'=>'temp'));
+ $response = new Response();
+ $response->setStatusCode(403);//unauthorized
+ $this->responseEvent->expects($this->once())->method('setResponse')->with($response);
+ $result = $listener->handle($this->responseEvent);
+ }
+
+ /**
+ * @test
+ */
+ public function handleReturnToken()
+ {
+ $token = new Token();
+ $token->setUser('admin');
+ $token->digest = 'admin';
+ $token->nonce = 'admin';
+ $token->created = '2010-12-12 20:00:00';
+ $tokenMock2 = $this->getMock('Symfony\Component\Security\Core\Authentication\Token\TokenInterface');
+ $this->authenticationManager->expects($this->once())->method('authenticate')->with($token)->will($this->returnValue($tokenMock2));
+ $this->securityContext->expects($this->once())->method('setToken')->with($tokenMock2);
+ $this->request->headers->add(array('X-WSSE'=>'UsernameToken Username="admin", PasswordDigest="admin", Nonce="admin", Created="2010-12-12 20:00:00"'));
+ $listener = new Listener($this->securityContext, $this->authenticationManager);
+ $listener->handle($this->responseEvent);
+ }
+
+ /**
+ * @test
+ */
+ public function handleReturnResponse()
+ {
+ $token = new Token();
+ $token->setUser('admin');
+ $token->digest = 'admin';
+ $token->nonce = 'admin';
+ $token->created = '2010-12-12 20:00:00';
+ $response = new Response();
+ $this->authenticationManager->expects($this->once())->method('authenticate')->with($token)->will($this->returnValue($response));
+ $this->responseEvent->expects($this->once())->method('setResponse')->with($response);
+ $this->request->headers->add(array('X-WSSE'=>'UsernameToken Username="admin", PasswordDigest="admin", Nonce="admin", Created="2010-12-12 20:00:00"'));
+ $listener = new Listener($this->securityContext, $this->authenticationManager);
+ $listener->handle($this->responseEvent);
+ }
+
+}
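Review bot: handleUnauthorized and handleForbidden check only the response status and never assert that no token reaches the security context, so a regression that sets a token before answering 401/403 would still pass. Adding `$this->securityContext->expects($this->never())->method('setToken');` to both tests would pin the fail-closed behaviour. In handleForbidden the trailing comment on `setStatusCode(403)` says `//unauthorized` and should read `//forbidden`, and the `$result` assignments in both tests are unused.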
22 Tests/autoload.php.dist
@@ -0,0 +1,22 @@
+<?php
+
+$vendorDir = __DIR__.'/../vendor';
+require_once $vendorDir.'/symfony/src/Symfony/Component/ClassLoader/UniversalClassLoader.php';
+
+use Symfony\Component\ClassLoader\UniversalClassLoader;
+
+$loader = new UniversalClassLoader();
+$loader->registerNamespaces(array(
+ 'Symfony' => $vendorDir.'/symfony/src',
+));
+$loader->register();
+
+spl_autoload_register(function($class) {
+ $class = ltrim($class, '\\');
+ if (0 === strpos($class, 'Escape\WSSEAuthenticationBundle\\')) {
+ $file = __DIR__.'/../'.str_replace('\\', '/', substr($class, strlen('Escape\WSSEAuthenticationBundle\\'))).'.php';
+ if (file_exists($file)) {
+ require $file;
+ }
+ }
+});
7 Tests/bootstrap.php
@@ -0,0 +1,7 @@
+<?php
+
+if (file_exists($file = __DIR__.'/autoload.php')) {
+ require_once $file;
+} elseif (file_exists($file = __DIR__.'/autoload.php.dist')) {
+ require_once $file;
+}
29 phpunit.xml.dist
@@ -0,0 +1,29 @@
+<?xml version="1.0" encoding="UTF-8"?>
+
+<phpunit backupGlobals="false"
+ backupStaticAttributes="false"
+ colors="true"
+ convertErrorsToExceptions="true"
+ convertNoticesToExceptions="true"
+ convertWarningsToExceptions="true"
+ processIsolation="false"
+ stopOnFailure="false"
+ syntaxCheck="false"
+ bootstrap="Tests/bootstrap.php"
+>
+ <testsuites>
+ <testsuite name="EscapeWSSEAuthenticationBundle Test Suite">
+ <directory suffix="Test.php">./Tests</directory>
+ </testsuite>
+ </testsuites>
+
+ <filter>
+ <whitelist>
+ <directory>./</directory>
+ <exclude>
+ <directory>./Resources</directory>
+ <directory>./Tests</directory>
+ </exclude>
+ </whitelist>
+ </filter>
+</phpunit>
22 vendor/vendors.php
@@ -0,0 +1,22 @@
+#!/usr/bin/env php
+<?php
+
+set_time_limit(0);
+
+$vendorDir = __DIR__;
+$deps = array(
+ array('symfony', 'http://github.com/symfony/symfony', isset($_SERVER['SYMFONY_VERSION']) ? $_SERVER['SYMFONY_VERSION'] : 'origin/master'),
+);
+
+foreach ($deps as $dep) {
+ list($name, $url, $rev) = $dep;
+
+ echo "> Installing/Updating $name\n";
+
+ $installDir = $vendorDir.'/'.$name;
+ if (!is_dir($installDir)) {
+ system(sprintf('git clone -q %s %s', escapeshellarg($url), escapeshellarg($installDir)));
+ }
+
+ system(sprintf('cd %s && git fetch -q origin && git reset --hard %s', escapeshellarg($installDir), escapeshellarg($rev)));
+}
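Review bot: The `$deps` entry fetches Symfony from `http://github.com/symfony/symfony` and defaults the revision to `origin/master`, so the code that the test bootstrap later loads arrives over an unauthenticated transport and is not pinned. Using `'https://github.com/symfony/symfony'` and a fixed tag or commit as the default when `SYMFONY_VERSION` is unset would make the checkout reproducible. The exit status of both `system()` calls is ignored, so a failed clone or reset goes unnoticed until autoloading breaks; `system($cmd, $status)` followed by an abort on non-zero `$status` would surface it.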